<?php
require_once('../include.php');
/**
 * 用户注册的函数。还有其他一些操作，如头像处理等
 * @return string
 */
function register() {
  $arr = $_POST;
  $password = md5($_POST['password']);
  $arr['regTime'] = time();

  if (insert("shop_user", $arr)) {
    $mes="注册成功!<br/>3秒钟后跳转到登陆页面!<meta http-equiv='refresh' content='3;url=login.php'/>";
  }
  return $mes;
}

/**
 * 登录验证的函数
 * @return string
 */
function login() {
  $username = $_POST['username'];
  $username = mysql_escape_string($username);
  $password = md5($_POST['password']);
  connect();
  $sql = "select * from shop_user where username = '{$username}' and password = '{$password}'";
  $row = fetchOne($sql);
  if ($row) {
    $_SESSION['loginFlag'] = $row['id'];
    $_SESSION['username'] = $row['username'];
    $mes = "登录成功！<br />3秒钟后跳转到首页<meta http-equiv='refresh' content='3;url=index.php'/>";
  } else {
    $mes = "登录失败！<br /><a href='login.php'>重新登录</a> ";
  }
  return $mes;
}